By Ben Rothke
February 02, 2009
A recent study has a finding that defies reason: close to half of 154
smokers who had surgery to remove early stage lung cancer picked up a
cigarette again within 12 months of their operation, and more than
one-third were smoking at the one year mark.
In fact, 60% of patients who started smoking again did so within two
months of surgery. The study, led by researchers at Washington
University School of Medicine and published in Cancer Epidemiology,
Biomarkers & Prevention confirmed that addictive behaviors are not
The study's lead author, Mark Walker, Ph.D., a clinical psychologist and
Assistant Professor of Medicine at Washington University, summed it up
best when he noted, "Patients are all addicted, so you cannot assume
they will easily change their behavior simply because they have dodged
this particular bullet." He concludes that their choices are driven by
insidious addictive cravings for nicotine.
In the world of IT, far too many organizations are addicted not to
something as tangible as a cigarette, but instead to insecurity. While
smokers' actions are driven by cravings for nicotine despite the health
hazards, information technology's actions are driven by users' desire
for easy access to data, usability, and quick deployment, with a
disregard for confidentiality, integrity and availability of that data.
These organizations typically know the risk of giving short shrift to
security (many have even been bitten by data breaches and malware
outbreaks), yet continue with their insecure ways despite clear evidence
of its hazards. While we are decades into the IT revolution, too many
companies are still not following computer security fundamentals.
While each passing year brings greater and fancier security and privacy
tools and technologies, not much has changed about how many
organizations approach information security. In fact, Forbes noted that
during 2008, banks have lost more of their customers' personal data than
ever before. Based on this trend, and in light of deteriorating economic
conditions, by the time the 2009 security year-in-review articles are
written, there is every likelihood that this year will be the worst year
on record for information security and privacy.
Getting your organization to change its addiction to insecurity won't be
easy. It is thought that addictive activities produce beta-endorphins in
the brain, which gives the person a feeling of being high. Yet the highs
of insecurity can include legal issues, regulatory penalties, negative
PR, and much more. In order for enterprises to make those changes to a
secure environment, they need to start by executing in the following
Best Selling Security Books & More!